Look at that sally, a false equivocation right out of the gate. I'll just change your text so that it represents what I actually said ....
>How exactly does taking steps that have previously been used in civil suits to demonstrate due diligence such enforcing password requirements going to demonstrate due diligence?
Well I'm glad you asked billy! The answer is tautology. Thanks for playing.
This argument is stupid. You want to talk about yak shaving, theoretical nonsense. FWIW I agree with you and think that password requirements are dumb, but you live in the real world. These are the legal realities of IT policy.
Your content free, one sentence response not withstanding. Is there something specific you'd like clarification about?